Showing results for 
Show  only  | Search instead for 
Did you mean: 

SIM card delivered open

Hi there! I ordered Sim recently and found that SIM card inside the package has been removed and pasted on it again. The first two SIM cards I received were fully sealed in plastic. I had to open it using scissors. The one I received recently, has been removed and replaced. I wish the whole package is sealed with plastic, so people's privacy could be protected. Now, I don't know who has my new sim details and what they could do with that information. I am really worried.

The Legend
The Legend

I got a new SIM last week.

It was in a cardboard envelope sealed with the address sticker.

The SIM was stuck to the cardboard with a small blob of glue.

I don't think that 48 use plastic anymore for environmental reasons.

How do you know that your SIM package was opened?

If it was then you should report it to An Post.

Even if somebody has your SIM number I'm not sure that they can really do anything nefarious with it.

I suspect that you may be worrying unnecessarily.

I am not a 48 employee - if you need to contact 48 support then please click here - if the Chat Now option does not appear on that page then keep trying until it does.

Thanks for replying.

Sorry for the delay in replying to your comment. I will notify An Post regarding the matter.

I am not worrying myself unnecessarily as I have come across some difficulty receiving calls and texts. Even my email account has some issues with getting emails as I am using data plan.

I noticed that an application was downloaded without my knowledge when I was going through my history in my playstore account page. The application was a detailed program of holding all the information on my SIM card.

As soon as I realized the situation, I ordered a new sim card. But, like I mentioned on my previous question, it has been opened and pasted again on the cardboard. My new sim also has the same issues.

Please find below information on what could be done if someone gets hold of a SIM card.

1. Simjacker
In September 2019, security researchers at AdaptiveMobile Security announced they had discovered a new security vulnerability they called Simjacker. This complex attack carries out SIM card hacking by sending a piece of spyware-like code to a target device using an SMS message.

If a user opens the message, hackers can use the code to spy on their calls and messages—and even track their location.

The vulnerability works by using a piece of software called S@T Browser, which is part of the SIM Application Toolkit (STK) that many phone operators use on their SIM cards. The SIMalliance Toolbox Browser is a way of accessing the internet—essentially, it's a basic web browser that lets service providers interact with web applications like email.

However, now that most people use a browser like Chrome or Firefox on their device, the S@T Browser is rarely used. The software is still installed on many devices, though, leaving them vulnerable to the Simjacker attack.

The researchers believe this attack has been used in multiple countries, specifying that the S@T protocol is "used by mobile operators in at least 30 countries whose cumulative population adds up to over a billion people," primarily in the Middle East, Asia, North Africa, and Eastern Europe.

They also believed the exploit was developed and used by a specific private company, which was working with various governments to monitor specific demographics—such as journalists and activists.

All kinds of phones are vulnerable, including both iPhones and Android devices. Simjacker even works on embedded SIM cards (eSIMs).

2. SIM Card Swapping
Another SIM card security issue you may have heard of is SIM card swapping. Hackers used a variation of this technique to take over Twitter CEO Jack Dorsey's personal Twitter account in August 2019. This event raised awareness of how these attacks can be destructive. The technique uses trickery and social engineering, rather than technical vulnerabilities.

To perform a SIM card hacking through a SIM card swap, a hacker will first call up your phone provider. They'll pretend to be you and ask for a replacement SIM card. They'll say they want to upgrade to a new device and, therefore, need a new SIM. If they are successful, the phone provider will send them the SIM.

Then, they can steal your phone number and link it to their own device. All without removing your SIM card!

This has two effects. First, your real SIM card will get deactivated and stop working. And secondly, the hacker now has control over phone calls, messages, and two-factor authentication requests sent to your phone number. This means they could have enough information to access your accounts, and could lock you out of those too.

SIM card swapping is hard to protect against as it involves social engineering. Hackers must convince a customer support agent that they are you. Once they have your SIM, they have control over your phone number. And you may not even know you're a target until it's too late.

3. SIM Cloning
Many times, people try to put SIM swapping and SIM cloning under that same umbrella. However, SIM cloning is more hands-on than the other option.

In a SIM clone attack, the hacker first gains physical access to your SIM card and then creates a copy of the original. Naturally, for copying your SIM card, the hacker will first take out your SIM from the smartphone.

They do this with the help of a smart card copying software, which copies the unique identifier number—assigned to you on your SIM card—onto their blank SIM card.

The hacker will then insert the newly copied SIM card into their smartphone. Once this process is complete, consider your unique SIM card identity to be as good as gone.

Now, the hacker can snoop in on all the communications that are sent to your phone—just as they can in SIM swapping. This means they also have access to your two-factor authentication codes, which will let them hack into your social media accounts, email addresses, card and bank accounts, and more.

Hackers can also use your stolen SIM card identity to carry out scams where a unique phone number might be needed.

I'm a bit confused.

You have been having issues since May this year?

What exactly?

I don't understand the comments about rogue app download and problems with email etc.


If two SIM packages arrived open then I would be more inclined to suspect somebody in your property or vicinity.

I'm not really clear on what the precise issue is.

Maybe you can clarify?

Did you contact An Post and/or 48 support?

I am not a 48 employee - if you need to contact 48 support then please click here - if the Chat Now option does not appear on that page then keep trying until it does.